Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. NSE4_FGT-5.6

Fortinet NSE4_FGT-5.6 Exam
Fortinet NSE 4 - FortiOS 5.6 (Page 2 )

Updated On: 7-Feb-2026
Page 2 of 38
PDF with 185 Questions

View the routing table, then identify which route will be selected when trying to reach 10.20.30.254?

  1. 10.20.30.0/26 [10/0] via 172.20.168.254, port2
  2. 0.0.0.0/0 [10/0] via 172.20.121.2, port1
  3. 10.30.20.0/24 [10/0] via 172.20.121.2, port1
  4. 10.20.30.0/24 [10/0] via 172.20.167.254, port3

Answer(s): D



Which of the following statements are true when using Web Proxy Auto-discovery Protocol (WPAD) with the DHCP discovery method?
(Choose two.)

  1. The browser sends a DHCPINFORM request to the DHCP server.
  2. The browser will need to be preconfigured with the DHCP server's IP address.
  3. The DHCP server provides the PAC file for download.
  4. If the DHCP method fails, browsers will try the DNS method.

Answer(s): A,D



Which of the following statements about the FSSO collector agent timers is true? Response:

  1. The dead entry timeout interval is used to age out entries with an unverified status.
  2. The workstation verify interval is used to periodically check if a workstation is still a domain member.
  3. The user group cache expiry is used to age out the monitored groups.
  4. The IP address change verify interval monitors the server IP address where the collector agent is installed, and updates the collector agent configuration if it changes.

Answer(s): A



Which of the following statements about NTLM authentication are correct? (Choose two.)

  1. It is useful when users log in to DCs that are not monitored by a collector agent.
  2. It takes over as the primary authentication method when configured alongside FSSO.
  3. Multi-domain environments require DC agents on every domain controller.
  4. NTLM-enabled web browsers are required.

Answer(s): A,D



How can you configure the explicit web proxy to block HTTP packets that request a specific HTTP method?

  1. Create an explicit proxy address that matches the HTTP method and apply it to an explicit proxy policy with the action Deny.
  2. Apply a web filter profile to an explicit proxy policy that blocks the HTTP method.
  3. Create a firewall service that matches the HTTP method and apply it to an explicit proxy policy with the action Deny.
  4. Create a DNS filter that matches the HTTP method and apply it to an explicit proxy policy with the action Deny.

Answer(s): A






Post your Comments and Discuss Fortinet NSE4_FGT-5.6 exam prep with other Community members:

Join the NSE4_FGT-5.6 Discussion